/*    */ package com.zimbra.cs.service;
/*    */ 
/*    */ import com.zimbra.common.service.ServiceException;
/*    */ import com.zimbra.common.util.Log;
/*    */ import com.zimbra.common.util.ZimbraLog;
/*    */ import com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException;
/*    */ import com.zimbra.cs.account.AuthToken;
/*    */ import com.zimbra.cs.account.Config;
/*    */ import com.zimbra.cs.account.Provisioning;
/*    */ import com.zimbra.cs.account.auth.AuthContext.Protocol;
/*    */ import com.zimbra.cs.service.authenticator.SSOAuthenticator.ZimbraPrincipal;
/*    */ import java.io.IOException;
/*    */ import java.security.Principal;
/*    */ import javax.servlet.ServletException;
/*    */ import javax.servlet.http.HttpServletRequest;
/*    */ import javax.servlet.http.HttpServletResponse;
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ 
/*    */ public class SpnegoAuthServlet
/*    */   extends SSOServlet
/*    */ {
/*    */   public void doGet(HttpServletRequest req, HttpServletResponse resp)
/*    */     throws ServletException, IOException
/*    */   {
/* 39 */     ZimbraLog.clearContext();
/* 40 */     addRemoteIpToLoggingContext(req);
/* 41 */     addUAToLoggingContext(req);
/*    */     
/* 43 */     boolean isAdminRequest = false;
/* 44 */     boolean isFromZCO = false;
/*    */     try
/*    */     {
/* 47 */       isAdminRequest = isOnAdminPort(req);
/* 48 */       isFromZCO = isFromZCO(req);
/*    */       
/* 50 */       Principal principal = req.getUserPrincipal();
/*    */       
/* 52 */       if (principal == null) {
/* 53 */         throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("no principal");
/*    */       }
/*    */       
/* 56 */       if (!(principal instanceof SSOAuthenticator.ZimbraPrincipal)) {
/* 57 */         throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED(principal.getName(), "not ZimbraPrincipal", (Throwable)null);
/*    */       }
/*    */       
/* 60 */       SSOAuthenticator.ZimbraPrincipal zimbraPrincipal = (SSOAuthenticator.ZimbraPrincipal)principal;
/* 61 */       AuthToken authToken = authorize(req, AuthContext.Protocol.spnego, zimbraPrincipal, isAdminRequest);
/*    */       
/* 63 */       if (isFromZCO) {
/* 64 */         setAuthTokenCookieAndReturn(req, resp, authToken);
/*    */       } else {
/* 66 */         setAuthTokenCookieAndRedirect(req, resp, zimbraPrincipal.getAccount(), authToken);
/*    */       }
/*    */     }
/*    */     catch (ServiceException e) {
/* 70 */       if ((e instanceof AccountServiceException.AuthFailedServiceException)) {
/* 71 */         AccountServiceException.AuthFailedServiceException afe = (AccountServiceException.AuthFailedServiceException)e;
/* 72 */         ZimbraLog.account.info("spnego auth failed: " + afe.getMessage() + afe.getReason(", %s"));
/*    */       } else {
/* 74 */         ZimbraLog.account.info("spnego auth failed: " + e.getMessage());
/*    */       }
/* 76 */       ZimbraLog.account.debug("spnego auth failed", e);
/*    */       
/* 78 */       if (isFromZCO) {
/* 79 */         resp.sendError(403, e.getMessage());
/*    */       } else {
/*    */         try {
/* 82 */           redirectToErrorPage(req, resp, isAdminRequest, Provisioning.getInstance().getConfig().getSpnegoAuthErrorURL());
/*    */         }
/*    */         catch (ServiceException se) {
/* 85 */           ZimbraLog.account.info("failed to redirect to error page: " + se.getMessage());
/* 86 */           resp.sendError(403, e.getMessage());
/*    */         }
/*    */       }
/*    */     }
/*    */   }
/*    */   
/*    */   public void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
/*    */   {
/* 94 */     doGet(req, resp);
/*    */   }
/*    */   
/*    */   protected boolean redirectToRelativeURL()
/*    */   {
/* 99 */     return true;
/*    */   }
/*    */ }


/* Location:              /home/mint/zimbrastore.jar!/com/zimbra/cs/service/SpnegoAuthServlet.class
 * Java compiler version: 7 (51.0)
 * JD-Core Version:       0.7.1
 */